Do You Have a Dark Endpoint Problem?

Endpoint blind spots are large — and growing. The recent Cost of Insecure Endpoints Study by the Ponemon Institute provides a glimpse of how big the problem is. Some 63 percent of respondents reported they could not monitor company endpoints once they left the corporate network, and 53 percent reported malware-infected endpoints had increased in volume in the past 12 months. Additionally, patching issues are the most commonly found security gap at the endpoint; 55 percent said endpoint management and security applications had been removed or corrupted on their endpoint devices.

More attacks and less visibility is a recipe for disaster, of course: It puts your data at great risk and gives rise to significant noncompliance fines. But data protection is far more than a compliance issue; it's a critical business imperative.

Today's borderless enterprise must cope with an explosion of collaborative, cloud-based tools, vast amounts of free storage and countless software-as-a-service options. Remote workers and ever-increasing mobile work habits are the new norm when it comes to people accessing your data, and IoT devices both churn out new data types and serve as yet another potential breach point. To further that point, a full two-thirds of enterprises say they are unable to detect employee use of insecure mobile devices, while 62 percent of endpoint devices contain at-risk data.

Where Is Your Data?

Where is your data? There are so many possibilities, and that makes its protection a moving target. The reality is you can make very little progress without visibility; you can't control what you can't see.

Endpoint visibility is critically important today because breaches continue to happen at a staggering rate. In fact, the five latest customer data breaches have accounted for 75 percent of all stolen customer records, and 95 percent of those records are sourced from three key verticals: retail, government and technology.

Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous. To maintain strong data security, you need visibility into all workers, remote and onsite. Waiting for dark, off-network endpoints to check back in is no longer a "good enough" approach.

This is easier said than done, obviously, which is why the endpoint continues to be the thorn in people's sides. On average, organizations have six different endpoint agents installed on endpoints, and the IT security team receives over 600 alerts each week. While it's true most data breaches can be stopped, security pros have to first know what they have before they can apply the correct remediation - and that is a challenge for most.

Automation Is the Key

Because you can't patch what you can't see, visibility, of course, becomes step number one. For fast, effective endpoint discovery, patch management and remediation, automation is essential. Automation quickly discovers all endpoints, on and off the corporate network, and pushes patches to remediate device vulnerabilities. Automation saves organizations money (an extrapolated cost of $2,095,751 per year, according to the Cost of Insecure Endpoints survey) and time (an estimated 56 percent time savings per year).

In the end, you need both policies and tools to discover all endpoints and protect the sensitive company data that resides on them. You also need to foster a continuous culture of security across the entire employee base. Data breaches will continue to be a significant, costly problem, but there are ways for you to step up your game.

For more on the current state of security and ideas for improving your overall posture, watch this short presentation I recently gave at the Forrester Privacy and Security Conference.

About the Author

Richard Henderson is Head of Global Threat Intelligence, where he is responsible for trend-spotting, industry-watching, and evangelizing the unique capabilities of Lastline's technologies. He has nearly two decades of experience and involvement in the global hacker community and discovers new trends and activities in the cyber-underground. He is a researcher and regular presenter at conferences and events and was lauded by a former US DHS undersecretary for cybersecurity as having an "insightful view" on the current state of cybersecurity. Henderson was one of the first researchers in the world to defeat Apple's TouchID fingerprint sensor on the iPhone 5S. He has taught courses on radio interception techniques multiple times at the DEFCON hacker conference. Henderson is a regular writer and contributor to many publications including BankInfoSecurity, Forbes, Dark Reading, and CSO.
